Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results for "iso17025 vs gmp"
1219 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Policies vs. Procedures
In the healthcare field, Actually, I am confused towards when to determine if a document is a policy or procedure? I know the difference between them, but sometimes on the actual ground, it's a little bit confusing such as: the HR, Biomedical Engineering, IT, Purchasing and Warehouses, and so forth; Are they policies or procedures? And why? -
Transition from BS 25999 to ISO 22301
Answer:
ISO 22301 was developed taking into consideration BS 25999, so there are very similarities between both standards. This article can help you to know more about these similarities, and also about the differences “ISO 22301 vs. BS 25999-2 - An Infographic” : https://advisera.com/27001academy/blog/2012/05/22/iso-22301-vs-bs-25999-2-an-infographic/
And another standard related to the business continuity, commonly used in USA, is the NFPA 1600. This article can be also interesting for you “NFPA 1600 vs. ISO 22301 - Similarities and differences” : https://advisera.com/27001academy/blog/2013/11/05/nfpa-1600-vs-iso-22301-similarities-and-differences/
Finally, this ebook about the ISO 22301 can be also interesting for you “Becoming resilient, the definitive guide to ISO 22301 implementation” : https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/ -
Aspects and risks
... isks can emerge from any part of context of the organization.
Addressing risks and opportunities according to ISO 14001 does not require documented procedure, established methodology or even a registry of records, it only requires to take actions to address them and to monitor effectiveness of these actions.
For more information, see: ISO 14001 risks and opportunities vs. environmental aspects https://advisera.com/14001academy/blog/2016/06/06/iso-14001-risks-and-opportunities-vs-environmental-aspects/ -
Lean and ISO 9001
... ... reduce waste, ensure quality and improving processes. If you ask a consultant to implement ISO 9 001 you will get one one type of the system, and if you ask him to implement Lean you will get another type of the system. They can be implemented at once to create one system and they are good at supplementing each other but they are not the same.
For more information, see: ISO 9001 vs. Lean: How they compare and how they are different https://advisera.com/9001academy/blog/2014/07/22/iso-9001-vs-lean-compare-different-2/ -
Risk management and different standards
... rtunities vs. environmental aspects https://advisera.com/14001academy/blog/2016/06/06/iso-14001-risks-and-opportunities-vs-environmental-aspects/
- 4 steps in identification and evaluation of environmental aspects https://advisera.com/14001academy/knowledgebase/4-steps-in-identification-and-evaluation-of-environmental-aspects/
- ISO 22000 - hazard analysis - the standard requires hazard analysis regarding food safety and for this purpose it require organization to conduct HACCP (Hazard Analysis and Critical Control Points) analysis. Again, this is only risk assessment methodology but not requirement for the full risk management.
- ISO 13485 and ISO/TS 16949 - FMEA - this two standards require organization to conduct FEMA (Failure Mode Effect Analysis) risk assessment methodology for production, purchasing and design process. For more information, see:
- ISO 9001 vs. ISO 13485 https://advisera.com/9001academy/blog/2015/01/21/iso-9001-vs-iso-13485/
- ISO 9001 vs ISO/TS 16949 https://advisera.com/9001academy/blog/2014/10/01/iso-9001-vs-isots-16949/
- ISO 50001 doesn't even mention risks or hazards and it has completely different to establishing management system. -
Cloud service customers and ISO 27018
Answer:
ISO 27018 is not a certifiable standard. It is a code of practice that can be used to support certifiable management systems, like ISO 27001 for information security management systems. For more information click [here]( https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/)
So, a cloud service customer could be certified against ISO 27001 and include in his/her Statement of Aplicability (SOA) controls with ISO 27018 recomendations, but this decision is up to him/her, and cannot be enforced. To know more about SOA click [here](https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/) -
Certification against ISO 27108
Answer:
ISO 27018 is not a certifiable standard. It is a code of practice that can be used to support certifiable management systems, like ISO 27001 for information security management systems. For more information click [here](https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/)
In case someone decides to use ISO 27001 to implement PII controls in a certifiable manner, either principal, controller and processor can be part of the certified scope, but with different purposes:
- For the PII principal, the certification purpose would be to ensure the PII principal can demand and verify actions from those who collect, store and process his/her PII
- For the PII controller and PII processor, the certification purpose would be to ensure they protect properly the PII they collect, store and process from their users -
ISO 14001 vs ISO 14025
I was recently being assigned a task as quality representative of the company. I came across ISO 14025 in some article and other website. But most people familiar with ISO 14001 instead. My question is, what is the different between these two standards? Which one is more comprehensive? -
How ISO 27001 and ISO 27002 are related
... ISO 27001 vs. ISO 27002" : https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
Regarding the threats/vulnerabilities, this article can be also interesting for you, because you can see a complete list of them âCatalogue of threats & vulnerabilitiesâ : https://advisera.com/27001academy/knowledgebase/threats-vulnerabilities/
Finally, these materials will help you to know more about the ISO 27001:
- free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/